Microsoft addresses the following vulnerabilities in its December batch of patches:

• (MS08-070) Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349)
  
  Risk Rating: Critical

  This security update resolves vulnerabilities in the ActiveX controls for the Microsoft Visual Basic 6.0 Runtime Extended Files. Read more here.

• (MS08-071) Vulnerabilities in GDI Could Allow Remote Code Execution (956802)
  
  Risk Rating: Critical

  This security update resolves vulnerabilities in GDI. Read more here.

• (MS08-072) Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
  
  Risk Rating: Critical

  This security update resolves vulnerabilities in Microsoft Office Word and Microsoft Office Outlook that could allow remote code execution if a user opens a specially crafted Word or Rich Text Format (RTF) file. Read more here.

• (MS08-073) Cumulative Security Update for Internet Explorer (958215)
  
  Risk Rating: Critical

  This security update resolves vulnerabilities that could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Read more here.

• (MS08-074) Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)
  
  Risk Rating: Critical

  This security update resolves vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. Read more here.

• (MS08-075) Vulnerabilities in Windows Search Could Allow Remote Code Execution (959349)
  
  Risk Rating: Critical

  This security update resolves vulnerabilities in Windows Search. Read more here.

• (MS08-076) Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)
  
  Risk Rating: Important

  This security update resolves vulnerabilities in the following Windows Media components: Windows Media Player, Windows Media Format Runtime, and Windows Media Services. Read more here.

• (MS08-077) Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege (957175)
  
  Risk Rating: Important

  This security update resolves a vulnerability that could allow elevation of privilege if an attacker bypasses authentication by browsing to an administrative URL on a SharePoint site. Read more here.